This time, up for review is Black Hat Python by Justin Seitz by Justin Seitz (who also wrote Grey Hat Python.)

TL;DR: » 4 out of 5 stars.

Audience

This is not a beginner book. It assumes a lot of basic knowledge about security, networking, and Python. It’s also not an expert’s book as most of the stuff you can find online (if you know where to look). I’d put this book at somewhere inbetween intermediate and advanced. If you have a general idea of computer security, hacking, pen testing, etc and a little knowledge (but aren’t an expert) in Python, you’ll enjoy this book.

The 4 of the 5 stars

It just so happens that I fit the audience for this book pretty well. I’m by no means a security expert, nor do I work in the field (I wish), but I feel like I have a good handle on it. Likewise, although I know Python and could probably ‘get-by’ programming something in it, I don’t use it often enough to feel super comfortable using it.

The book is kind of a large collection of example scripts that you might use while hacking or pen testing. The Python code is at an intermediate level/advanced level and as I mentioned not being very good at Python, I had to look up several references. (Side Note: there are a few syntax typos in the book but nothing that shouldn’t be easy to fix.)

You might think that a book with a bunch of example code is kind of lame because you can just look it up online, but it turns out to be pretty useful. I think one of the hardest parts of programming is figuring out where to start. With these examples, you can copy the code and build on it from there. For example, I’ve actually always wanted to write a sniffer just to see how they work. The book takes you through writing a very simple sniffer that you could easily build on.

Perhaps what I enjoyed most about the book was that it got me excited about writing my own Python code for security tools. I guess you could say that it sort of motivated me or put me in the mindset to want to try doing it on my own instead of using everyone else’s tools!

The missing star

I didn’t think I’d ever say this about a book but I think my overall complaint is the length. It’s too short and there are several areas where the author could have expanded/explained things. For instance, with the Scapy library that it teaches you how to use, I was confused with how the ARP poisoning worked until I figured out that because the hardware src was not an argument to the ARP() class, it was set by default to the machine’s mac address (key to the arp poisoning). I was also confused with the / notation for composing packets until I read the Scapy docs

It’s kind of funny, the book can be a bit bipolar at times. One chapter you’re reading it thinking that this type of knowledge would be good for pen testing. The next chapter, you’re thinking, wow, this is real “bad guy” (Black Hat) stuff that I could rarely see a use for other than devious purposes. I’m glad to see these chapters because near the first of the book I was thinking to myself, is the ‘Black Hat’ title just a ruse to get you interested in the book, or are we actually going to learn real hacking stuff. I would have been happier if the whole book was this way but who knows, maybe the author and/or publishing company would get sued :-p

Thanks to my favorite publishing company in the world (No Starch Press) for providing the book for review!